[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

DNS Flag Day, Friday, Feb 1st, 2019

Subject: DNS Flag Day, Friday, Feb 1st, 2019
From: list at satchell.net (Stephen Satchell)
Date: Thu, 24 Jan 2019 07:14:20 -0800
In-reply-to: <[email protected]>
References: <[email protected]> <CAL9jLaaG-sP9MK=nZrNq+j5rwzGaREyMbY=2p_t2zW6R6TwqJA@mail.gmail.com> <[email protected]>

On 1/23/19 8:44 PM, Mark Andrews wrote:
> and they your firewalls donâ??t block well formed DNS queries (lots of
> them do by default).

My edge routers block *all* inbound DNS requests -- I was being hit by a
ton of them at one point.  Cavaet: I don't run a DNS server that is a
domain zone master -- I use a DNS service for that.  I do have a DNS
server inside, but only to handle recursive requests from inside my network.

Outbound DNS requests?  Lets them through, and responses too.

Follow-Ups:
- DNS Flag Day, Friday, Feb 1st, 2019
  - From: marka at isc.org (Mark Andrews)

References:
- DNS Flag Day, Friday, Feb 1st, 2019
  - From: Brian at ampr.org (Brian Kantor)
- DNS Flag Day, Friday, Feb 1st, 2019
  - From: morrowc.lists at gmail.com (Christopher Morrow)
- DNS Flag Day, Friday, Feb 1st, 2019
  - From: marka at isc.org (Mark Andrews)

Prev by Date: Global statistics during the experiment (was Re: BGP Experiment)
Next by Date: BGP Experiment
Previous by thread: DNS Flag Day, Friday, Feb 1st, 2019
Next by thread: DNS Flag Day, Friday, Feb 1st, 2019
Index(es):
- Date
- Thread